Port-based Filtering Using Device-role

Device-role is an interface-level configuration. According to the Neighbor Discovery (ND) specification, RFC 4861, only an IPv6 router can generate Router Advertisement (RA) packets. By configuring the device-role of a port to indicate whether the attached device is a host or a router, you can block a rogue host that generates RA packets. Device-role can be applied only on a port, and not on an MLT, SMLT, or VLAN. If you configure device-role on an MLT, SMLT, or VLAN, you must configure the same device-role on all of the MLT, SMLT, or VLAN member ports.

In the following topology, the switch is connected to a Layer 3 router and three hosts. Because the router is directly connected to port 1/2, the device-role of port 1/2 is configured in Router mode. The hosts are connected to ports 1/3, 1/4, and 1/5, and the device-role of ports 1/3, 1/4, and 1/5 is configured in Host mode.

The host connected to port 1/4 is a rogue host. If it tries to send RA packets, the switch drops the RA packets received on interface 1/4 because the device-role of this port is Host mode.

RA Guard Topology1
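
The filtering decision for this topology can be modeled in a few lines. The following Python sketch is an added example, not the switch's implementation or its CLI: the function names and the sample packets are constructed for illustration, and the model assumes the ICMPv6 header directly follows the fixed IPv6 header.

```python
import ipaddress
import struct

ICMPV6 = 58           # IPv6 Next Header value for ICMPv6
ROUTER_ADVERT = 134   # ICMPv6 type of a Router Advertisement (RFC 4861)
ROUTER_SOLICIT = 133  # ICMPv6 type of a Router Solicitation (RFC 4861)

# Device-role per port, taken from the topology described above.
DEVICE_ROLE = {"1/2": "router", "1/3": "host", "1/4": "host", "1/5": "host"}

def build_icmpv6(icmp_type, src="fe80::1", dst="ff02::1"):
    """Build a constructed IPv6 packet with a zero-filled ICMPv6 message."""
    payload = struct.pack("!BBH", icmp_type, 0, 0) + b"\x00" * 12
    # Fixed header: version 6, payload length, next header, hop limit 255.
    header = struct.pack("!IHBB", 6 << 28, len(payload), ICMPV6, 255)
    return (header + ipaddress.IPv6Address(src).packed
            + ipaddress.IPv6Address(dst).packed + payload)

def is_router_advertisement(packet):
    """True for an IPv6 packet whose first upper-layer header is an RA."""
    if len(packet) < 41 or packet[0] >> 4 != 6:
        return False
    # Byte 6 is Next Header; byte 40 is the ICMPv6 type field.
    return packet[6] == ICMPV6 and packet[40] == ROUTER_ADVERT

def filter_packet(port, packet):
    """Return 'drop' or 'forward' for a packet received on a modeled port."""
    role = DEVICE_ROLE[port]  # only the ports in the topology are modeled
    if role == "host" and is_router_advertisement(packet):
        return "drop"         # RA arriving on a Host mode port
    return "forward"

def run_topology():
    """Send an RA into every port and collect the decisions."""
    ra = build_icmpv6(ROUTER_ADVERT)
    return {port: filter_packet(port, ra) for port in DEVICE_ROLE}

if __name__ == "__main__":
    for port, decision in run_topology().items():
        print(port, DEVICE_ROLE[port], decision)
```

Only RA packets are affected by the role check in this model: other ND traffic from a Host mode port, such as a Router Solicitation, is still forwarded.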